|
Title: Linux/Unix 'Bash Shell' security hole found (Patch NOW!) Post by: NxCmp on September 25, 2014, 07:28:35 AM SECURITY THREAT
If you are running or have "bash" installed on any of your systems/devices that use versions between 1.14 to 3.4 you are vulnerable. This is a very large threat. It allows the attack to execute code and commands on the target system. To check your version in the command line run "bash --version" to check, if you fall into that version range please update your package manage and update/patch immediately. To test if you are at risk run: env x='() { :;}; echo vulnerable' bash -c "echo this is a test" If the console prints: vulnerable this is a test You are not protected, once patched you should see: bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' this is a test Best of luck everyone! Link: https://isc.sans.edu/forums/diary/Attention+NIX+admins+time+to+patch+/18703 Link: http://www.zdnet.com/unixlinux-bash-...ed-7000034021/ Thank you. ____________ Title: Re: Linux/Unix 'Bash Shell' security hole found (Patch NOW!) Post by: Shadow Kisuragi on September 25, 2014, 07:34:36 AM Thanks for the heads up!
Title: Re: Linux/Unix 'Bash Shell' security hole found (Patch NOW!) Post by: mumboking on September 25, 2014, 08:35:59 AM I updated the bash package on my Ubuntu earlier today.
I'm safe. :P Title: Re: Linux/Unix 'Bash Shell' security hole found (Patch NOW!) Post by: NxCmp on September 26, 2014, 08:07:38 AM SECURITY THREAT UPDATE
A second way to exploit this problem has been found and there is NO FIX yet at the time of this post. To test to see if the second method still effects you, you can run: env -i X='() { (a)=>\' bash -c 'echo date'; cat echo You will still receive and error but it will create a file in the current director you are in called "echo". If you find the Date/Time printed in this file you are still vulnerable to the second method of attach. Now keep in mind that since this type of threat is really only meant for servers that offer services Online, patching the second method is not 100% vital. While you should still patch the first method for any system and the fact a fix is being created for the second, you should still treat this threat with care and should still fully patch all your systems with batch regardless. Some of the known attack vectors are: - cgi-bin - ssh - DHCP Thanks Title: Re: Linux/Unix 'Bash Shell' security hole found (Patch NOW!) Post by: NxCmp on September 26, 2014, 09:56:57 AM SECURITY THREAT UPDATE 2
A patch was released for the second exploit method. Please run your package managers and update bash again. Thanks |